mirror of
https://github.com/github/codeql.git
synced 2026-03-28 10:18:17 +01:00
37 lines
1.3 KiB
XML
37 lines
1.3 KiB
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
|
|
|
|
<overview>
|
|
<p>This rule finds code that checks the sign of the result of a bitwise operation. Such a check may yield unexpected results. As an example, consider the following code that checks if the <code>n</code>th bit of a variable <code>x</code> is set: </p>
|
|
|
|
<pre> x & (1 << n) > 0 </pre>
|
|
|
|
<p>If <code>x</code> is a 32-bit signed integer, the value of <code>x & (1 << 31)</code> is interpreted as a signed number. If <code>x</code> is negative (that is, its sign bit is set), and <code>n</code> is 31, then <code>x & (1 << 31)</code> evaluates to <code>0x80000000</code> (all bits zero except the sign bit). The sign check on this value fails, implying that the 31st bit of <code>x</code> is unset. This is clearly incorrect.</p>
|
|
|
|
</overview>
|
|
<recommendation>
|
|
<p>The above sign check should be rewritten as</p>
|
|
|
|
<pre> x & (1 << n) != 0</pre>
|
|
|
|
</recommendation>
|
|
<references>
|
|
|
|
<li>
|
|
Code Project: <a href="http://www.codeproject.com/Articles/2247/An-introduction-to-bitwise-operators">An introduction to bitwise operators</a>
|
|
</li>
|
|
<li>
|
|
MSDN Library: <a href="https://msdn.microsoft.com/en-us/library/dxda59dh.aspx">Signed Bitwise Operations</a>
|
|
</li>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</references>
|
|
</qhelp>
|